Problem: You entered an incorrect certificate or private key name and clicked Enable SSL. The Cisco Unified MeetingPlace Express system locked you out and you cannot access any part of the application.

Solution: Use the SSLUtil command from the CLI to access the system. See the SSLUtil for information.

Problem: When generating CSRs, you clicked the Generate CSRs button more than once. This causes the system to create a new private key and invalidate any certificates that you have previously installed.

Solution: If you backed up the SSL configuration, restore it.

Solution: If you did not back up the SSL configuration, generate new CSRs and request new certificates from the signing authority.

Problem: You performed a fresh installation of Cisco Unified MeetingPlace Express since receiving the SSL certificates. Whenever you install the Cisco Unified MeetingPlace Express system, the installation program deletes any private keys and public certificates on the hard disk.

Solution: If you backed up the SSL configuration, restore it.

Solution: If you did not back up the SSL configuration, generate new CSRs and request new certificates from the signing authority.

Problem: The hostnames of the Cisco Unified MeetingPlace Express have changed since the system was configured for SSL. The hostnames are defined during installation.

Solution: Obtain new certificates.

Problem: The common portions of the paired public certificate/private key do not match. If these common portions do not match, the public certificate and private key will not work together and the system will be unable to communicate using SSL.

Solution: For the public certificate and private key to work together, they must have the same values for the modulus and exponent fields. All other values in the public certificates and private key files can be different. See the Displaying the Contents of a Certificate to see how to determine if they match.

Problem: The certificates do not have different names or different internal content. You need two certificates for the primary server and two certificates for the secondary (SMA) server: